7 Common Pitfalls of GDPR implementation HR need to know


In our experience of helping a number of organisations become GDPR legally compliant, here are the 7 major pitfalls we helped them avoid.

1. Failure to plan.

This stage is critical. The pitfalls here are a poor or incomplete understanding of the GDPR regulations; failure to get complete support from all stakeholders, including the board; failure to get the necessary structure to audit the data held; and failure to budget for GDPR compliance. Openness and honesty need to be the bedrock of the process.

2. Define.

Failure to get expert advice and insights into data analysis. Incomplete data audit and analysis. Failure to plan the project with the necessary support and time required for execution.

3. Audit

Failure to include all stakeholders and functions in the data audit, and failure to identify cross-function gaps.

4. Poor project management

Not creating an appropriate plan (see 1 above), with critical path dependencies. Poor motivation or lack of support from those in the implementation team.

5. Communication

Not keeping the key stakeholders informed of progress and issues that arise. Not identifying suppliers/processes that are not GDPR compliant. Not ensuring that all stakeholders understand the personal implications of a breach of GDPR regulations. Over-reliance on technology for GDPR compliance (e.g. biometric systems for clocking in that are not GDPR compliant).

6. Training

Failure to consult employees (and their representatives) on the GDPR issues and their new enhanced data rights. Failure to train ALL employees on their data rights and obtain the appropriate and necessary consent. This consent must confirm that they understand their rights, and must also confirm the data that the organisation holds on them.

7. Not keeping up to date with changes.

Some issues that will need changing include recruitment, induction, the staff handbook and terms and conditions, as well as, possibly, a new policy for customers on your website. A related pitfall is failure to evaluate the GDPR process, noting positives as well as areas for improvement.

Should you require help becoming legally compliant or in any of these areas, including:

12 steps for GDPR compliance

The Ultimate Guide to Consent

The Ultimate GDPR Documentation Check-list.

Then do contact [email protected]

If you valued this post, then please do "LIKE" and follow me, thank you

More articles by Norman Murray
